There is. You can enable LDAP Password Policy Enforcement (LPPE):

https://apereo.github.io/cas/development/installation/Password-Policy-Enforcement.html

This is separate from Password Management (further down the page).

All I had to do was add

cas.authn.ldap[0].passwordPolicy.enabled:   true
cas.authn.ldap[0].passwordPolicy.type:      AD
cas.authn.ldap[0].passwordPolicy.strategy:  DEFAULT

to cas.properties.

If you've gotten as far as setting up the src/ hierarchy in your overlay to
create a theme and/or modify the various page templates, you can style
these pages (there's a separate one for each failure condition) and you can
customize the messages displayed by editing custom_messages.properties.

It seems to work pretty well.

--Dave



--

DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY

71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • david.cu...@newschool.edu

[image: The New School]

On Fri, May 18, 2018 at 1:02 PM, Jennifer LaVoie <nixgeekg...@gmail.com>
wrote:

> Hello Everyone
>
> My managers are asking if CAS can return a better error to the end user
> besides "invalid credentials" based on the status of their account.
>
> If there a way for CAS to know if the account is disabled or the password
> has expired and return that information to the end user?  I am integrated
> with Active Directory.
>
> thanks
> Jen
>
> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/87658e9a-bb8f-46bf-a4f8-
> e176818f26fd%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/87658e9a-bb8f-46bf-a4f8-e176818f26fd%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XAMZzGSVUEGbEjd-RWLq%2B%2BEnDHj7OGvRUMETa2e0iTL_ew%40mail.gmail.com.

Reply via email to